Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
File: fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa (raw, json)
Hash identifier: yB4oL2JVA2sNwokl2K343eb5JGCo22uXD/M9wd4E630=
Subject key identifier: 51:29:AD:8D:1F:57:F3:C7:41:69:70:6D:62:10:20:96:55:F0:31:93
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 37DB77F611D85ED8765508FFD835FE259F3B6A8E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
Signing time: Sat 15 Nov 2025 06:40:34 +0000
ROA not before: Sat 15 Nov 2025 06:40:34 +0000
ROA not after: Sat 20 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 01:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:db:77:f6:11:d8:5e:d8:76:55:08:ff:d8:35:fe:25:9f:3b:6a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 15 06:40:34 2025 GMT
Not After : Dec 20 23:59:59 2025 GMT
Subject: serialNumber=c5728f645d1f3e15973b7e7f6dd33c04416d2e7d930734dfc6740da1c1264bb8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c5:94:6e:73:8d:7b:f6:3e:62:57:ec:e7:e0:
ee:5b:6b:b1:07:69:4e:d0:59:49:2e:4f:4c:77:05:
c0:cf:87:93:6d:2b:39:f9:bd:3f:9c:57:41:72:20:
c6:86:f1:60:3f:ac:d3:58:80:89:23:38:5e:33:9c:
f4:e8:d6:ad:03:67:2e:3c:ca:53:c1:52:15:18:3d:
e6:86:36:ef:df:4a:b3:6e:be:01:be:e7:aa:41:65:
2b:f1:4d:f9:1f:79:19:33:61:15:7e:2b:a0:0b:ad:
37:9d:7e:78:f8:5e:0c:5a:0b:0e:f1:06:5c:41:a5:
d9:96:ad:b6:08:84:34:c7:46:7e:dc:c2:82:7e:e8:
d0:aa:7c:ad:6f:84:90:16:51:ee:18:73:df:17:e0:
05:7b:fa:06:bf:0a:67:24:ed:e4:06:58:6a:ce:86:
03:11:3e:b1:ca:fa:65:c6:7a:89:81:9d:6d:06:82:
3f:49:c4:6c:0a:11:23:c6:10:b7:a7:d0:f8:3b:f7:
10:a0:82:fd:a5:d1:81:c6:46:f7:23:dd:96:61:e6:
35:35:f9:c0:f4:99:e3:0c:50:eb:64:13:30:be:0a:
3c:6f:23:76:c2:76:63:ef:50:b8:a6:aa:30:a0:d5:
2c:04:2e:8b:89:60:b8:57:a5:d8:3e:a0:d2:b9:c5:
94:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:29:AD:8D:1F:57:F3:C7:41:69:70:6D:62:10:20:96:55:F0:31:93
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
16:d3:5a:ad:6e:1c:e9:c6:27:63:e1:70:de:c9:c7:10:20:bc:
d7:a7:d6:da:94:12:88:4d:44:72:80:04:8d:77:c2:11:7e:7d:
33:75:2c:b3:8d:09:87:b8:f7:a0:ef:c3:4e:d7:cb:7d:cd:b1:
05:7a:4b:39:ee:76:7c:6c:7b:fc:8c:a8:fc:1c:26:b0:00:d2:
67:84:47:dc:70:a1:e3:4f:43:82:3d:74:c5:0b:ae:93:e1:b0:
e7:ae:c5:b4:a3:4a:af:f7:e0:eb:c1:d7:32:87:6d:ab:61:e4:
1c:0b:81:a6:03:92:6f:16:10:32:10:21:85:b1:b1:ce:50:05:
8e:af:4d:d5:91:33:41:ae:8a:b3:9b:91:a9:c3:4d:53:0b:60:
da:08:f4:60:8e:b8:e5:fa:83:31:c5:e7:44:31:19:5a:23:be:
93:1f:ca:b8:aa:10:8b:a8:52:ca:43:39:d7:23:6b:51:62:2e:
0b:2c:73:04:92:9a:2a:73:a9:93:cf:06:c3:06:5f:69:af:2c:
ed:8a:6f:de:85:04:b9:1e:3e:7b:b0:a9:28:f7:ca:48:5e:1c:
30:89:cd:7b:7f:6e:f4:75:0d:34:e0:e7:04:09:26:34:44:e0:
fc:e2:af:0f:9f:4d:4b:28:c5:0a:7e:44:3f:fc:61:4c:f1:ba:
26:6a:a6:14
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUN9t39hHYXth2VQj/2DX+JZ87ao4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTExMTUwNjQwMzRaFw0yNTEyMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM1NzI4ZjY0NWQxZjNlMTU5NzNiN2U3ZjZkZDMzYzA0NDE2ZDJlN2Q5MzA3
MzRkZmM2NzQwZGExYzEyNjRiYjgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzFlG5zjXv2PmJX7Ofg7ltrsQdpTtBZSS5PTHcFwM+Hk20rOfm9P5xXQXIg
xobxYD+s01iAiSM4XjOc9OjWrQNnLjzKU8FSFRg95oY2799Ks26+Ab7nqkFlK/FN
+R95GTNhFX4roAutN51+ePheDFoLDvEGXEGl2ZattgiENMdGftzCgn7o0Kp8rW+E
kBZR7hhz3xfgBXv6Br8KZyTt5AZYas6GAxE+scr6ZcZ6iYGdbQaCP0nEbAoRI8YQ
t6fQ+Dv3EKCC/aXRgcZG9yPdlmHmNTX5wPSZ4wxQ62QTML4KPG8jdsJ2Y+9QuKaq
MKDVLAQui4lguFel2D6g0rnFlFsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRRKa2N
H1fzx0FpcG1iECCWVfAxkzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmJjMjYwZmMtODI2ZC00ZDEzLWEyMGEtM2RmMmVjOTVjZjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQAW01qtbhzpxidj4XDeyccQILzXp9balBKITURygASN
d8IRfn0zdSyzjQmHuPeg78NO18t9zbEFeks57nZ8bHv8jKj8HCawANJnhEfccKHj
T0OCPXTFC66T4bDnrsW0o0qv9+Drwdcyh22rYeQcC4GmA5JvFhAyECGFsbHOUAWO
r03VkTNBroqzm5Gpw01TC2DaCPRgjrjl+oMxxedEMRlaI76TH8q4qhCLqFLKQznX
I2tRYi4LLHMEkpoqc6mTzwbDBl9pryztim/ehQS5Hj57sKko98pIXhwwic17f270
dQ004OcECSY0ROD84q8Pn01LKMUKfkQ//GFM8bomaqYU
-----END CERTIFICATE-----
Generated at Sat Nov 15 10:59:44 2025 by rpki-client